r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8389
Expires: Mon, 06 Feb 2023 11:38:41 GMT
Date: Mon, 06 Feb 2023 09:18:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9651
Expires: Mon, 06 Feb 2023 11:59:43 GMT
Date: Mon, 06 Feb 2023 09:18:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: u/dSje3kfIxBBCnCLF5r05bJJ14/L1mw24GDO8wgI7CkrOX4TPJbkMB59KS12IHuaTM8wLg183xJcA7Y3CrVJw==
x-amz-request-id: QY61515JSERZWW95
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 08:53:38 GMT
age: 1514
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0bf32948ebe69cc5a92dce2b209a6bab
291d5e9e653dd98a1c4e7bdeb0dd6d55befe20ea
52a298b4036a7ae2fe6ea0630e9f9536a47b7e865a8a9d7b0c917f5111e885e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A298B4036A7AE2FE6EA0630E9F9536A47B7E865A8A9D7B0C917F5111E885E8"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5619
Expires: Mon, 06 Feb 2023 10:52:31 GMT
Date: Mon, 06 Feb 2023 09:18:52 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 41 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 2b57d90700e4510a504eeb3e068b3ade
5a038630841c294c20072713fee9b8d25e9ce316
05419254cc092ee8a22e0d6d21e0b1bdb876ee6cfb1f914d96a7050fcf7b0b9e
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: KuTxUxTXzyWUa9fK6oAzjGAgWRnI5yOfK4Ardj4EKoHVkkEMepTlJw==
content-encoding: gzip
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 09:16:16 GMT
content-type: application/json
content-length: 41074
age: 156
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 09:18:52 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11828
Expires: Mon, 06 Feb 2023 12:36:00 GMT
Date: Mon, 06 Feb 2023 09:18:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 08:34:03 GMT
content-type: application/json
age: 2689
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
103.253.213.43200 OK 20 kB URL HTTP/1.1 dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5336), with CRLF, LF line terminators
Hash 9cca458fea2e0931a33ff18724790232
c48c9851c2507f83aaffacdb891d125b7722d313
8c2487dd3e99e02ba43de87cf282481460f8b339ca3cb51719224cc0ec237576
Analyzer Verdict Alert fortinet Phishing
GET /new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac; expires=Mon, 06-Feb-2023 11:18:52 GMT; Max-Age=7200; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 06 Feb 2023 09:18:52 GMT
server: LiteSpeed
dhs.or.id//public/css/owl.carousel.min.css
103.253.213.43200 OK 905 B URL HTTP/1.1 dhs.or.id//public/css/owl.carousel.min.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (2846)
Hash 5aebc2c708928de94caa731c721c2fe6
a8a3c831fd9d377495264c6e2bd1a6efc91ea6ab
6add1af88cce3158b8b46a1484352d9103b82e4525c9e94ba3f4d1870cc21733
GET //public/css/owl.carousel.min.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 905
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c3fd3749702fc1d129a2fc5f7b326e3e
45a3e92ffc9c590c0b223423bc215eca968f55f3
65cc367c3bfe1de702a6020541aa8f2e184f5ac73e535dce6c406b9e81d249c0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5024
Cache-Control: max-age=147614
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Etag: "63e04ffb-118"
Expires: Wed, 08 Feb 2023 02:19:07 GMT
Last-Modified: Mon, 06 Feb 2023 00:55:23 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 370e74ead61664d84985db7a9087c0e4
7c55daf6c9231e1586a0c9d48375766e7f02405f
ddc18509904868cb8e31ad5cbbd27245fc163eaac44d40a7e95fb795c6e248db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5939
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Last-Modified: Mon, 06 Feb 2023 07:39:54 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 370e74ead61664d84985db7a9087c0e4
7c55daf6c9231e1586a0c9d48375766e7f02405f
ddc18509904868cb8e31ad5cbbd27245fc163eaac44d40a7e95fb795c6e248db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5939
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Last-Modified: Mon, 06 Feb 2023 07:39:54 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dhs.or.id//public/css/owl.theme.default.css
103.253.213.43200 OK 522 B URL HTTP/1.1 dhs.or.id//public/css/owl.theme.default.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
Hash c19ed5b4056ed646b291e8b071b19ed2
2d3a9b73e202ea1583f904ad71afc729b742d94c
5aed398f389315218694918c8ca9309bc007cb34b25872ba24817d1dee920cd6
GET //public/css/owl.theme.default.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 522
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css
104.17.24.14200 OK 845 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (3184)
Hash 156afaf08dd47df971d3a40926c19974
d3f886560b55ff3c39d628ef16a71ca49cb7ecfb
e4f93dd20cb7feb2c6d408b396e194928381545d24584431ab341ed094fb31fa
GET /ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 09:18:53 GMT
content-type: text/css; charset=utf-8
content-length: 845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-d17"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 906049
expires: Sat, 27 Jan 2024 09:18:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6gjQKc5iR98wpnYsp1gLC%2BuiisnwwujBdOmuXn3OGS1heL8rhMRZlWgkCProTdBDl8LB2Ny34qDnKQqnZeJ2OtgajTsdACnE8bd8SqkcIKIEUqgz3RFhgmDHyFSkL%2FHfhIGNgek"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7952cd0f290b1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dhs.or.id//public/css/sm-core-css.css
103.253.213.43200 OK 469 B URL HTTP/1.1 dhs.or.id//public/css/sm-core-css.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type troff or preprocessor input, ASCII text
Hash 6b0bea9dfe92c8250daa76b83dc57200
71927e97c239923fd0f509e12cc170bc239320f9
c4cd45c4781f8059b4dcdc2a0d3a9252c6fef77992c70df31dabbbbea5186715
GET //public/css/sm-core-css.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 469
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 09:18:53 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 208225
expires: Sat, 27 Jan 2024 09:18:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbOO3mXubm%2BoGuZHO8x8mpyqohqRRMP9%2FBNQ5m2e16xlQl5cQrunWrWB%2FqXdolUgjABi9uTa0g3Mh%2Bc5wwq%2Fq3DIJv0y41onuxYxO%2FrjHI5ISa%2FWog%2BlfAOT3q4m6q8g3h4BDUrJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7952cd0f29121c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 08:51:19 GMT
age: 1654
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css
104.17.24.14200 OK 331 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (846)
Hash c9eb6550c91c2a2f505af3b9acfbd9f5
9db062adb9e1f8b45ba84af5e55dd38587ddabc6
c64f83ee7947be6b299005510b64a85d5dd88998275f1ca498e27bad15ba35bc
GET /ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 09:18:53 GMT
content-type: text/css; charset=utf-8
content-length: 331
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-3f5"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 10678433
expires: Sat, 27 Jan 2024 09:18:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyEqdLFMHkl%2BNp3w4SMXRxive%2BEdu3lZR9KJBm3XwAIFw4yN66X0zOqga5DevDEH4EL4IK7ZG1vV1XZNC%2FcWXhkg0TJDzHfNFaTQhwYiGWzyo2Ot87%2FtwoqMOXBD86hqkHdYpO6m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7952cd0f39361c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dhs.or.id//public/css/sm-simple.css
103.253.213.43200 OK 1.4 kB URL HTTP/1.1 dhs.or.id//public/css/sm-simple.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
Hash 564edc2cf3bccd24e663ee7ed1c08461
8ff19296fe2689f1ecbb111ca37584b5891523ba
c6b6fc1722faa47edc8adf98505008d2a698a1d0d36831ae1d10741ac52d8804
GET //public/css/sm-simple.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1386
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 040d512b73ad828b2dd7409c0c9dab49
a7b7256940377241abd22db537a864ec6348bf90
6e7f979d255eba736072b159be75a5865fd307781806c412ea66bb0f80e38aa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/jquery-ui.min.js
172.217.21.170200 OK 64 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/jquery-ui.min.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (32157)
Hash 7756e68f4eb51a103ca4470ef4bced27
acd37eeae2641edac458694a14c6e1a2985e87b6
1798a9b14876b546bb25c1dc964fa574c02538439b716433f1594aad03c3b2e1
GET /ajax/libs/jqueryui/1.11.2/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 64362
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 18:39:38 GMT
expires: Mon, 05 Feb 2024 18:39:38 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 52755
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dhs.or.id//public/css/custom.css
103.253.213.43200 OK 9.7 kB URL HTTP/1.1 dhs.or.id//public/css/custom.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type assembler source, Unicode text, UTF-8 text, with very long lines (308)
Hash b2050953b55d796968d02fc82ec48d61
b3389d57c79d163285dc7dc08d5f011b85e19478
d05c46d45cced01b6c8fe15b69123eba1a047efbb0a4419bc36432ac466267c2
GET //public/css/custom.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 9692
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 370e74ead61664d84985db7a9087c0e4
7c55daf6c9231e1586a0c9d48375766e7f02405f
ddc18509904868cb8e31ad5cbbd27245fc163eaac44d40a7e95fb795c6e248db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5939
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Last-Modified: Mon, 06 Feb 2023 07:39:54 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
dhs.or.id//public/css/bootstrap.css
103.253.213.43200 OK 21 kB URL HTTP/1.1 dhs.or.id//public/css/bootstrap.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (540)
Hash df20a856bb80ecb48184763109429a37
b3f4784a12ec416d5e7915c65b725ae992eca8b7
7b05f86f77e1654f04348e8352fa3de08326871c2f21358760c63534405c70c2
GET //public/css/bootstrap.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 21309
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
www.google.com/recaptcha/api.js?render=6Ldmw7EUAAAAABLEE7bQc-bzgVmdcf20q7sN2JMV
142.250.74.164400 Bad Request 119 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Ldmw7EUAAAAABLEE7bQc-bzgVmdcf20q7sN2JMV
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 96612d2b1b529ecfcf09798c3eb100bf
4f32d5d3ccf4d44ae71309dfa8d6f9d396614a27
7c58bfa17d0c600b7455e6bfb3d8371fbf93da20a7a53ed1efad37d692f1cba0
GET /recaptcha/api.js?render=6Ldmw7EUAAAAABLEE7bQc-bzgVmdcf20q7sN2JMV HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Mon, 06 Feb 2023 09:18:53 GMT
expires: Mon, 06 Feb 2023 09:18:53 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 119
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js
104.17.24.14200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (31997)
Hash da09af9c30411ac4ea58fa932c2bcdf1
3021a222be0168efcad5db279a305485935aeff5
19e819601b91eb75c0609dd6343a344f280a94b83e06e58595bafff5b12ca7f4
GET /ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 09:18:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 10158
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-ad36"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1518521
expires: Sat, 27 Jan 2024 09:18:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMsJo3oi%2FQhFLzC0Cr4ZdsDYeOu7AG0FC4NlPszSr%2Fk%2BfXe47M94Z7L71Bn6pwcxcHLAyQmMytuloAdvX2vA8PKkID0JW%2Fyauao7hPK%2BJOwAATX5Is%2BNCR5NKeuUiSMs2ujGts4M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7952cd0fc9b61c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dhs.or.id//public/css/sm-blue.css
103.253.213.43200 OK 1.8 kB URL HTTP/1.1 dhs.or.id//public/css/sm-blue.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (1135)
Hash 54cb5e584280f59ce3535ab437c3c7e1
0b5a6a3f47e72a10bff12dadc35e2ea5c40da066
845d6d6b4cff53951068b9af002aecb29a12aaeba17e2f1126f8f7e55258daa6
GET //public/css/sm-blue.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1806
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dhs.or.id//public/css/animate.css
103.253.213.43200 OK 4.2 kB URL HTTP/1.1 dhs.or.id//public/css/animate.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (46487)
Hash a2871788ed56f4a76fc04511d17429f3
61557e13199a62878415c0c3f13b6ac7da797e16
b516bcc4b307625284dd3770c32a92feaa7c05b41d28cbbd4fa17e6d16b3797b
GET //public/css/animate.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4200
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8844
Expires: Mon, 06 Feb 2023 11:46:17 GMT
Date: Mon, 06 Feb 2023 09:18:53 GMT
Connection: keep-alive
dhs.or.id//public/css/magnific-popup.css
103.253.213.43200 OK 1.6 kB URL HTTP/1.1 dhs.or.id//public/css/magnific-popup.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (5599), with no line terminators
Hash 3d5fae8a960727a9f8c5761c7ead7ca1
b85ead6da7890084b6384fc8b78582467f7507cd
6d191feaf312c8e18eb449ce353e1bca8be94e410479d687da6bc75b4f32f4bc
GET //public/css/magnific-popup.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1623
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
dhs.or.id//public/css/themify-icons.css
103.253.213.43200 OK 3.0 kB URL HTTP/1.1 dhs.or.id//public/css/themify-icons.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
Hash 1fdd69c4e227fc2ac6c656e7ddf9e424
9c1cf78681a7657da469b7fdb0bc3a4c550f553d
678dda3fc2508e952449056da97c05890f312f6172032be151821161d7949855
GET //public/css/themify-icons.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2953
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
dhs.or.id//public/css/slick.css
103.253.213.43200 OK 566 B URL HTTP/1.1 dhs.or.id//public/css/slick.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
Hash d979503c94235e3d7c63804334eae591
927ae013d52d4b540539d6923201f42ccf78a77b
12bc72121ec549a084158825b575260a3feb5e67d795bce84d18874deec2f6df
GET //public/css/slick.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 566
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
dhs.or.id//public/css/jquery.bxslider.css
103.253.213.43200 OK 1.1 kB URL HTTP/1.1 dhs.or.id//public/css/jquery.bxslider.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
Hash eac850ba6b5fe367f4401f680f6ba3f7
24954ad8354d09829764ba76924f7c58845b2844
bd62645fd4c083c146cdf6ea21c835be2872c2ce7863f696f9049e765fadffdc
GET //public/css/jquery.bxslider.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1126
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
dhs.or.id//public/css/slick-theme.css
103.253.213.43200 OK 864 B URL HTTP/1.1 dhs.or.id//public/css/slick-theme.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
Hash abdb521dcb99d105f1b8a57ce22f3f59
03c35040b8e4185e9768ad004c2f8e71daebbb57
22640aabed9e87ede610f077342b0b19476d11ee591f7fc88110468ed7608113
GET //public/css/slick-theme.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 864
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
dhs.or.id//public/css/bootstrap-datetimepicker.min.css
103.253.213.43200 OK 1.6 kB URL HTTP/1.1 dhs.or.id//public/css/bootstrap-datetimepicker.min.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (11083)
Hash 6f8ebb51449d11dbd64bf82ce3e89285
6bc956ebab4def6cf96450950b8e795ef60034fe
c2764dfe2565cc07e6e88805b0c363231e87bbe1aca36275e5a4f24fb029b627
GET //public/css/bootstrap-datetimepicker.min.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1616
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
dhs.or.id/public/css/index.css
103.253.213.43200 OK 2.6 kB URL HTTP/1.1 dhs.or.id/public/css/index.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
Hash a5d72d1b66b86c01b4faad51d3df44db
27e876234aa489d8eb8e1b9ad776369049bbee61
fc41b8fa4e6c44a103ad541d0fe7e2272be694e18d32276b5aeaed27e41f28a7
GET /public/css/index.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Thu, 09 Jan 2020 07:20:25 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2611
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
dhs.or.id//public/js/jquery.bxslider.js
103.253.213.43200 OK 12 kB URL HTTP/1.1 dhs.or.id//public/js/jquery.bxslider.js
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
Hash 6e7bc98fb1615dd0f9813a45ce751b99
cf25b928c6d3aabac7450d81ea7a0757e71c462a
94def53b27c9e42692bd6dfe5c37b9bc4f735b535d819d8b729a7d9353436adf
Analyzer Verdict Alert fortinet Phishing
GET //public/js/jquery.bxslider.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 11677
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
push.services.mozilla.com/
52.40.68.141101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.68.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I2tu8jXLn5usHyUBEufi1A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Fw7BLskU28Ip3VKNGmSCSIMw4lg=
dhs.or.id//public/js/bootstrap.js
103.253.213.43200 OK 14 kB URL HTTP/1.1 dhs.or.id//public/js/bootstrap.js
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
Hash ab228ec95779ac631bc13b4c62fc1927
6a269be920ba864437f0931fa217d536359a89c2
ea44e2f14b631d903d45906e2dfb5889df91ff8fdcde7934ed2fd65ce394b626
Analyzer Verdict Alert fortinet Phishing
GET //public/js/bootstrap.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 14437
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
dhs.or.id//public/js/owl.carousel.min.js
103.253.213.43200 OK 11 kB URL HTTP/1.1 dhs.or.id//public/js/owl.carousel.min.js
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (32000)
Hash a887cebbad63de094ca671c2c39532c8
ebf38f6f34d0c03368cc5120cebc469edc964340
471b9524213fd20d992306836cd6d74c2c8e318d78e1fb18ee6186c9322ad008
Analyzer Verdict Alert fortinet Phishing
GET //public/js/owl.carousel.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 10951
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
dhs.or.id//public/js/koepoekoepoelike.js
103.253.213.43200 OK 285 B URL HTTP/1.1 dhs.or.id//public/js/koepoekoepoelike.js
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
Hash c0c3cd6358a5cdf8376bb82a90bcb882
5378da0f516890f99c8df006bdde4d13317baa04
68b617754bd6ed45474b51c58c294d07d3785cf160da2ebe78cd8c5e5e524f89
Analyzer Verdict Alert fortinet Phishing
GET //public/js/koepoekoepoelike.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 285
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
dhs.or.id//public/js/jquery-3.2.1.min.js
103.253.213.43200 OK 30 kB URL HTTP/1.1 dhs.or.id//public/js/jquery-3.2.1.min.js
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (32058)
Hash 2b9c3a55026fa687fa8add847adc9703
f2d759f36127a585a1353362fc0888eb5ccc38f8
5a2a26016574209924c64a06714a35f93eb82a215bb635a98706e3421e5e305d
Analyzer Verdict Alert fortinet Phishing
GET //public/js/jquery-3.2.1.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 30229
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
dhs.or.id//public/js/jquery.smartmenus.min.js
103.253.213.43200 OK 7.1 kB URL HTTP/1.1 dhs.or.id//public/js/jquery.smartmenus.min.js
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (24459)
Hash 85d13c2f45095edc5516c464b9512c95
a62a2954296badd17816bdf460c3a9d0486c6a29
1289b1b819e3aea3518545a7243b2ac5c367b7926296256d372ef94acc4a9d54
Analyzer Verdict Alert fortinet Phishing
GET //public/js/jquery.smartmenus.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7063
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
dhs.or.id//public/js/jquery-2.2.4.min.js
103.253.213.43200 OK 30 kB URL HTTP/1.1 dhs.or.id//public/js/jquery-2.2.4.min.js
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (32065)
Hash f50985fa1fdbe40e0a8efc8f7e6c4d10
ceeb06184bd23b9b4f134ae101736b30ac66fdef
eab597a347a3be859dbaa88785f858d55b432bc95b5c8fc50de61d7a87a04826
Analyzer Verdict Alert fortinet Phishing
GET //public/js/jquery-2.2.4.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 29909
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
dhs.or.id//public/js/active.js
103.253.213.43200 OK 1.5 kB URL HTTP/1.1 dhs.or.id//public/js/active.js
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with CRLF line terminators
Hash fd8d44613c1ec832530acfcb4d3bdb2e
629e005d5d077093fdf1b29c7b264c960486e4ae
8e373dbeffe46945856ebf91fedc7b3446d06b8080ea85850dddf62e9d7dbf13
Analyzer Verdict Alert fortinet Phishing
GET //public/js/active.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1494
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
dhs.or.id//public/js/slick.min.js
103.253.213.43200 OK 10 kB URL HTTP/1.1 dhs.or.id//public/js/slick.min.js
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (42862)
Hash 38871a60d3cf10ca0766761b1a65f819
a5bc60c160fc49c707e43ec8bd79bf6bbc0c6bff
ab1372cd813bb4a31c90e3df45d18c170fc2f571fb40be43201d7bc99f982b37
Analyzer Verdict Alert fortinet Phishing
GET //public/js/slick.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 10414
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id//public/js/bootstrap-datetimepicker.min.js
103.253.213.43200 OK 9.9 kB URL HTTP/1.1 dhs.or.id//public/js/bootstrap-datetimepicker.min.js
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (39213), with no line terminators
Hash 4d030356c61bc342c303b401f23afaf2
ef80de13c210b73ae33e84c72ee02cd687e56e72
5ced3bc1f7fa912f0b7a980154af33eb24e4093696eca588c81d2ba369eedc96
Analyzer Verdict Alert fortinet Phishing
GET //public/js/bootstrap-datetimepicker.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 9881
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id/public/penidabay/css/responsive.css
103.253.213.43200 OK 3.4 kB URL HTTP/1.1 dhs.or.id/public/penidabay/css/responsive.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (373), with CRLF line terminators
Hash d6b19bcc56099c5a30e98cacdc717bec
82e8ea7a3eaba0bbf8fe759d0d321b5eb5a494a8
b7979310ff50655605682b1cac2f2fceb3fb1f3c745ec8d52564806091492a8c
GET /public/penidabay/css/responsive.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: text/css
last-modified: Thu, 07 Sep 2017 09:51:48 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3407
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id/public/penidabay/js/scripts.js
103.253.213.43200 OK 4.6 kB URL HTTP/1.1 dhs.or.id/public/penidabay/js/scripts.js
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with CRLF line terminators
Hash b32e0f399e85a3f013394aa06aab3129
4226d2eb5f716390883d622df8cc78c542f158de
46c4f916715253d85e52f3eba7fa87a7acc21d8d0ce1dfdca1ac9465074051dc
Analyzer Verdict Alert fortinet Phishing
GET /public/penidabay/js/scripts.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: application/javascript
last-modified: Sun, 07 May 2017 15:24:22 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4649
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id//public/js/plugins.js
103.253.213.43200 OK 54 kB URL HTTP/1.1 dhs.or.id//public/js/plugins.js
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (32068), with CRLF line terminators
Hash ac77da9af533ae98c13daff51057e035
f9f81b96551a15d19073b77627b8c6d201d8200c
d559b9b962e326bda1aebd87314951483261020736b9358d9a430208c201c71d
Analyzer Verdict Alert fortinet Phishing
GET //public/js/plugins.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 54337
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed
dhs.or.id//public/css/jquery.marquee.min.css
103.253.213.43200 OK 278 B URL HTTP/1.1 dhs.or.id//public/css/jquery.marquee.min.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
Hash db39762b8cd1de4903978c703006bdc2
f248f9ba9dca8cd4676b3488038f29c926227f9c
dc6be64f7f152f92d06512f48e403d8033355dc8acb5bc3f18a8ad488d76c768
GET //public/css/jquery.marquee.min.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 278
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id//public/js/jquery.marquee.min.js
103.253.213.43200 OK 1.5 kB URL HTTP/1.1 dhs.or.id//public/js/jquery.marquee.min.js
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (2541), with CRLF line terminators
Hash fc904b1c00c8015559e571543e575567
9b9079a50babef44c2a4fc0153fef59525b665f9
649b9c1c6185ff7fb5dab39f12e01130951678360407bf6ba39236be216ee919
Analyzer Verdict Alert fortinet Phishing
GET //public/js/jquery.marquee.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1531
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id//public/css/color.css
103.253.213.43200 OK 889 B URL HTTP/1.1 dhs.or.id//public/css/color.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (3475), with no line terminators
Hash 0e6cd7b8c8d74d68753ad7be054872c2
5706a3813f6854d52284b92a0b3d0e916922cd97
5950d61d83a300dcc8a2d7cb37778731772c7b0e51942a98230f4ce6570e4584
GET //public/css/color.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: text/css
last-modified: Sat, 31 Aug 2019 03:50:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 889
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id//public/css/materialize.css
103.253.213.43200 OK 1.7 kB URL HTTP/1.1 dhs.or.id//public/css/materialize.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (6894), with no line terminators
Hash a5c1bdd164b0553add33479904130a41
b36a504dece8bfaf1b2991dc3e2c3571c1e7cdc1
0f8dcafc573491103bfcbeb5fbf16a6cffff25f7d8fd842242f43cd34e6dba97
GET //public/css/materialize.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1697
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id//public/css/font-awesome.css
103.253.213.43200 OK 7.0 kB URL HTTP/1.1 dhs.or.id//public/css/font-awesome.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash e78cfdd9c09ed86425d12952baa61e4e
077e83187d29e21e2de52f47417a779f5d3e29cb
7ee2e585165b1d8650fe5de41f06bb17c80247f60cebb99cebaf290e73cdbb48
GET //public/css/font-awesome.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6978
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id//public/css/bootstrap-social.css
103.253.213.43200 OK 3.4 kB URL HTTP/1.1 dhs.or.id//public/css/bootstrap-social.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (556)
Hash 96bbbcfbe5cc307ca96f6759983b7610
ad1523be389a13acfe00cd607fa5e36dbe27f7b9
2401e6d236a24eb0c386675d8cb23460b8e54dd723963c183da6cb2b16f9f52a
GET //public/css/bootstrap-social.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3366
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id//public/js/jquery.instagramFeed.min.js
103.253.213.43200 OK 1.5 kB URL HTTP/1.1 dhs.or.id//public/js/jquery.instagramFeed.min.js
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type HTML document, ASCII text, with very long lines (3268), with CRLF line terminators
Hash c2d0d758df4c0cfd9f0a390eba7f95d4
2db836b90cf7c84f124030c113f933d1e3eb9140
e864b68be7b98d508df10f74362eadb32f5f1a99d8add1f26f445e6141850949
Analyzer Verdict Alert fortinet Phishing
GET //public/js/jquery.instagramFeed.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: application/javascript
last-modified: Wed, 27 Jan 2021 03:17:23 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1461
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id//public/css/jquery.contactus.min.css
103.253.213.43200 OK 2.9 kB URL HTTP/1.1 dhs.or.id//public/css/jquery.contactus.min.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (18438), with CRLF line terminators
Hash 3eb96eb3238672149814fc6955b569fd
03e0f0c62df436b4f2c8ac78a1170d8bbc7fd233
87792adfbef6c32644fc979c402e623a10c6ec8ec63ffc342aa35345455040aa
GET //public/css/jquery.contactus.min.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: text/css
last-modified: Mon, 09 Sep 2019 09:02:00 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2944
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id//public/js/jquery.contactus.min.js
103.253.213.43200 OK 3.8 kB URL HTTP/1.1 dhs.or.id//public/js/jquery.contactus.min.js
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type ASCII text, with very long lines (13933), with no line terminators
Hash bf8c9d234171370f8e1eff4df60bbdeb
a909437a7e7c5519b84782243a1bd550d65fc5ef
ddc9d14338b2f43f0e60aa4a643651621c3b84ebda27d910d2354eba522fc098
Analyzer Verdict Alert fortinet Phishing
GET //public/js/jquery.contactus.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: application/javascript
last-modified: Mon, 09 Sep 2019 09:03:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3768
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id//public/css/iconmoon.css
103.253.213.43200 OK 20 kB URL HTTP/1.1 dhs.or.id//public/css/iconmoon.css
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5336), with CRLF, LF line terminators
Hash 9cca458fea2e0931a33ff18724790232
c48c9851c2507f83aaffacdb891d125b7722d313
8c2487dd3e99e02ba43de87cf282481460f8b339ca3cb51719224cc0ec237576
GET //public/css/iconmoon.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id//public/css/custom.css
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3415
Expires: Mon, 06 Feb 2023 10:15:50 GMT
Date: Mon, 06 Feb 2023 09:18:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3415
Expires: Mon, 06 Feb 2023 10:15:50 GMT
Date: Mon, 06 Feb 2023 09:18:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3415
Expires: Mon, 06 Feb 2023 10:15:50 GMT
Date: Mon, 06 Feb 2023 09:18:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3415
Expires: Mon, 06 Feb 2023 10:15:50 GMT
Date: Mon, 06 Feb 2023 09:18:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3415
Expires: Mon, 06 Feb 2023 10:15:50 GMT
Date: Mon, 06 Feb 2023 09:18:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24980299-b46f-4879-99f8-3d6a5bcd2153.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24980299-b46f-4879-99f8-3d6a5bcd2153.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b2e321721a636309ac45c6722f71a5d5
8f4224824571577109bf32b1fa7646dbfb88e818
a52611068a9694594dec4dddb1bd29afdbba897a2e1f61dcf3ceb81e262912e8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24980299-b46f-4879-99f8-3d6a5bcd2153.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12459
x-amzn-requestid: 5dd251ba-30e6-47aa-846a-9cefa9aa4928
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPHlWIAMFnZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-402585d71ebd0ebf75af210d;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dMwyfVFayhAjpMMOiE96N2N5TwdvJ52UvscJ6miuz4W3qNKXVS9jaA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:11 GMT
age: 41324
etag: "8f4224824571577109bf32b1fa7646dbfb88e818"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700
142.250.74.74200 OK 9.2 kB URL HTTP/2 fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700
IP 142.250.74.74:0
Hash 6b6fb6fea55585537944cbb463a2b687
ccd80fd860904297e363da0216ff2a0365dd5694
e4777704032c13eb325c3c3792a761376ad4bcdd381feb01cb02666cf260b7e9
GET /css?family=PT+Sans+Narrow:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 09:18:53 GMT
date: Mon, 06 Feb 2023 09:18:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a9b5f68-fd45-4868-ba31-8118d000f7d9.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a9b5f68-fd45-4868-ba31-8118d000f7d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea463f7a06fe1403c18c8ce8781244a1
fbbe4b97e4b39983b36340030f6b40adc69cd485
93a12a85886512e3336d027c889a2276087976b1c9106356cc81596b88087042
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a9b5f68-fd45-4868-ba31-8118d000f7d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8971
x-amzn-requestid: b1baa973-5b7c-4daa-af2e-e9f0b3c6a604
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzViwFG1IAMF4qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de02de-4a0c9cf45c1a20083bb838dc;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:01:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sAiUWR0kcs2yN_7IIHwlSl1eNIRMEaSJ8QD_Uti1CU6IFIGh0kSmSw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 08:03:07 GMT
age: 4548
etag: "fbbe4b97e4b39983b36340030f6b40adc69cd485"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 062e186a259eda97173695240a492c63
9b476a4ec219667f560b88199a3a4e4b0a93b579
d18570d3c4ada689b5c2a99b0783ce41c629bd125e6683cf225e01b7032f14a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12256
x-amzn-requestid: 1b959eb9-cf69-414c-b57b-4a63277d709c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvgx-EhgoAMF2wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc7b3f-2c58e8ac2aee8a8f409a93a0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 03:10:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q5tAmSUsPHlKjkJSksZpvVrOAsduYKg0uuTlc03yvuhtO1BUKlHyuA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 07:54:29 GMT
age: 5066
etag: "9b476a4ec219667f560b88199a3a4e4b0a93b579"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 41332
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6941fb6-e957-4628-8403-b30032e53952.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6941fb6-e957-4628-8403-b30032e53952.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d97807096c24402f2938faa7bef0bb1f
5dcc91fcfb218579f9bb8d74949c62b42a0ee0f5
61d5e5e14348dcd17a2d65ed50bf4870cfa0869b2027bd9e02e5656b71ae7b07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6941fb6-e957-4628-8403-b30032e53952.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9504
x-amzn-requestid: 5ed1526b-636a-4aac-9900-3438fe44bc68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4o9ZF4fIAMFuhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e021ef-6925f9fa343504e94459aa70;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:38:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U81u29w8Kam-xsluWwUqh-4J1bS-8viBRP4f6ERFJcGUpsDLcB-feg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:51:09 GMT
age: 41266
etag: "5dcc91fcfb218579f9bb8d74949c62b42a0ee0f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.17.24.14200 OK 77 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://dhs.or.id
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 09:18:55 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 983065
expires: Sat, 27 Jan 2024 09:18:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EDgLPGhsYppK%2FXS8ROo7fYgkb0AwrYsTUxQJ43AVVZbtz1%2BWDpMOsJfcoWs%2BQXq%2BQgJLWQEam3yqSId%2FSpaUpqzxHTxaHfQ0XpM04ZqaiIhjR1V17z5MnUuJlvdYhSL5hpdn6ZG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7952cd1a0dec1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dhs.or.id/uploads/program/program_202708010814_FBSBartender.jpg
103.253.213.43200 OK 632 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708010814_FBSBartender.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:06:06], baseline, precision 8, 1000x667, components 3\012- data
Size 632 kB (631753 bytes)
Hash 176bdd6f3c056b39e5553a9d466cf3a6
d9b967fa8f69d66368bfe68c18b86c3742693524
6d77e83c6aa75a31880a9667798ec14c2c0dcc8ee9993cdde4b3508b60eafe90
GET /uploads/program/program_202708010814_FBSBartender.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:12:14 GMT
accept-ranges: bytes
content-length: 631753
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708010832_CulinaryArt.jpg
103.253.213.43200 OK 539 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708010832_CulinaryArt.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:07:20], baseline, precision 8, 1000x667, components 3\012- data
Size 539 kB (539375 bytes)
Hash 9daf55b9cbbc51d5112759ebb6083aea
32994d491731f9feb4a076daa603cc8065028eb0
5c292726296a9bdc5f0af008009ff7fb4b108ac0b26a500c2a811b96c3be85d1
GET /uploads/program/program_202708010832_CulinaryArt.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:12:32 GMT
accept-ranges: bytes
content-length: 539375
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708010845_Perhotelan.jpg
103.253.213.43200 OK 474 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708010845_Perhotelan.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:10:35], baseline, precision 8, 1000x667, components 3\012- data
Size 474 kB (474499 bytes)
Hash f94d149c3560f17e349ee742f54186ad
199b9e8c2615273cc2d867775377f9039ec2e5ef
52c1f9c02efee47d20bc3078025f1d13e44613d61ac70dbf988a3183a59559ba
GET /uploads/program/program_202708010845_Perhotelan.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:12:45 GMT
accept-ranges: bytes
content-length: 474499
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id/public/css/fonts/Poppins-Regular.ttf
103.253.213.43200 OK 122 kB URL HTTP/1.1 dhs.or.id/public/css/fonts/Poppins-Regular.ttf
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 15 names, Microsoft, language 0x409, Copyright (c) 2014 Indian Type Foundry (info@indiantypefoundry.com)PoppinsRegular2.000;ITFO;Popp\012- data
Size 122 kB (121682 bytes)
Hash 9d55f938715168401f6ffb36899d95aa
ad0b3ce05af6a3f80b8a14c175052080e5a7f6fa
7ad2e29a1f992def35bb5ea135933e128795cc0a52cbe1458efd940ae16014ac
Analyzer Verdict Alert fortinet Phishing
GET /public/css/fonts/Poppins-Regular.ttf HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/public/css/index.css
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: font/ttf
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 121682
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708010816_CruiseLineFBS.jpg
103.253.213.43200 OK 556 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708010816_CruiseLineFBS.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:21:40], baseline, precision 8, 1000x667, components 3\012- data
Size 556 kB (555536 bytes)
Hash b048b857a6d9d9e894ff501c79e04bf2
2345bae820804b1b1ae067fc2d87f4391b6f7151
03729bcc981af62c1f3c0cefcd5bd9ab3c3662257a969225ea1bb4b58586c380
GET /uploads/program/program_202708010816_CruiseLineFBS.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:34:16 GMT
accept-ranges: bytes
content-length: 555536
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708010828_CruiseLineCook.jpg
103.253.213.43200 OK 538 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708010828_CruiseLineCook.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:20:43], baseline, precision 8, 1000x667, components 3\012- data
Size 538 kB (537966 bytes)
Hash 3f56f5989bf01175eb746d779bde8e2c
94e21be769a44b2c2181719fc6485d3ee2b55933
7f56357694cbb6023a1db50dcdcd5322773c936454a68143432a2dcc9f5efaa9
GET /uploads/program/program_202708010828_CruiseLineCook.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:34:28 GMT
accept-ranges: bytes
content-length: 537966
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708010853_FBSBartender.jpg
103.253.213.43200 OK 584 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708010853_FBSBartender.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:22:14], baseline, precision 8, 1000x667, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-0, spot sensor temperature 0.000000, unit celsius, color scheme 16, minimum point enabled, calibration: offset 0.000000, slope 301700842854318597556215362879488.000000\012- data
Size 584 kB (583625 bytes)
Hash 32bd31e3902b41894de2dca3a511683a
e14adf031395849f4470bc73db84454ecc46ae06
0e9bad8d6c90830d70d12dcaf8e1aaa56b343efff60db7790053498f3f8282e5
GET /uploads/program/program_202708010853_FBSBartender.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:34:53 GMT
accept-ranges: bytes
content-length: 583625
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed
dhs.or.id//public/fonts/fontawesome-webfont.woff2?v=4.6.3
103.253.213.43200 OK 72 kB URL HTTP/1.1 dhs.or.id//public/fonts/fontawesome-webfont.woff2?v=4.6.3
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Hash e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Analyzer Verdict Alert fortinet Phishing
GET //public/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://dhs.or.id//public/css/font-awesome.css
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: font/woff2
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-length: 71896
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed
dhs.or.id//public/fonts/glyphicons-halflings-regular.woff2
103.253.213.43200 OK 18 kB URL HTTP/1.1 dhs.or.id//public/fonts/glyphicons-halflings-regular.woff2
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Analyzer Verdict Alert fortinet Phishing
GET //public/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://dhs.or.id//public/css/bootstrap.css
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: font/woff2
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-length: 18028
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed
dhs.or.id/public/css/fonts/Poppins-Bold.ttf
103.253.213.43200 OK 122 kB URL HTTP/1.1 dhs.or.id/public/css/fonts/Poppins-Bold.ttf
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 15 names, Microsoft, language 0x409, Copyright (c) 2014 Indian Type Foundry (info@indiantypefoundry.com)PoppinsBold2.000;ITFO;Poppins\012- data
Size 122 kB (121905 bytes)
Hash 88182954337c602d8af0bfbec47c2145
d4947aefb19e6283953b876e6e65cada549b3c28
7b1cdf61f54770339bc72fcb14c94f67a538d8c74924d727494e208d6f3beb66
Analyzer Verdict Alert fortinet Phishing
GET /public/css/fonts/Poppins-Bold.ttf HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/public/css/index.css
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: font/ttf
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 121905
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed
dhs.or.id/uploads/bg_welcome.jpg
103.253.213.43200 OK 161 kB URL HTTP/1.1 dhs.or.id/uploads/bg_welcome.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1600x527, components 3\012- data
Size 161 kB (161323 bytes)
Hash c2b3559b8c5ad5ced8fee6328a6ec299
6573151349900ad3e60f9a5bd9b18c769364e7e8
b48ec8e174cf794d0e93d333f978041a4f639c534d7826a37c222f075771ea32
GET /uploads/bg_welcome.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: image/jpeg
last-modified: Wed, 25 Sep 2019 03:28:48 GMT
accept-ranges: bytes
content-length: 161323
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed
dhs.or.id/uploads/berita/berita_220410111018_LuncurkanProgramRPLberbasisDistanceLearningProgram,DHSberharapmampumenjadiakselelatorkompetensipendidikanpekerjapariwisatadiIndonesia.jpg
103.253.213.43200 OK 51 kB URL HTTP/1.1 dhs.or.id/uploads/berita/berita_220410111018_LuncurkanProgramRPLberbasisDistanceLearningProgram,DHSberharapmampumenjadiakselelatorkompetensipendidikanpekerjapariwisatadiIndonesia.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1000x495, components 3\012- data
Hash 9ff26da2ab71b26084a44aa622dd2886
6c7b4e4722031ed2a63d135ffac36b804e7d8e42
e1bcdfff712e07367eddd2702720539c09556f66f0df0487e62ab2eb0b625142
GET /uploads/berita/berita_220410111018_LuncurkanProgramRPLberbasisDistanceLearningProgram,DHSberharapmampumenjadiakselelatorkompetensipendidikanpekerjapariwisatadiIndonesia.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 03:59:18 GMT
accept-ranges: bytes
content-length: 51060
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed
dhs.or.id/uploads/berita/berita_212610021016_IKomangAdiWiranata,alumniDHSsuksesditerimadiWaldorfAstoria,Dubai.jpeg
103.253.213.43200 OK 104 kB URL HTTP/1.1 dhs.or.id/uploads/berita/berita_212610021016_IKomangAdiWiranata,alumniDHSsuksesditerimadiWaldorfAstoria,Dubai.jpeg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1000x1000, components 3\012- data
Size 104 kB (104180 bytes)
Hash ab9d1f6b155d9a2232cee8f3155359ec
e32c4e9938024e5c783168615ed321142924ba50
0c09053253f655f8a9497810eb90b2768c038baf70ff7db276f854b0222abbe9
Analyzer Verdict Alert fortinet Phishing
GET /uploads/berita/berita_212610021016_IKomangAdiWiranata,alumniDHSsuksesditerimadiWaldorfAstoria,Dubai.jpeg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: image/jpeg
last-modified: Tue, 26 Oct 2021 06:27:16 GMT
accept-ranges: bytes
content-length: 104180
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed
dhs.or.id/uploads/berita/berita_212310091049_lulusanotomotifjugabisamenjadihotelier:kisahinspiratifadisaputra.jpeg
103.253.213.43200 OK 101 kB URL HTTP/1.1 dhs.or.id/uploads/berita/berita_212310091049_lulusanotomotifjugabisamenjadihotelier:kisahinspiratifadisaputra.jpeg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1000x1334, components 3\012- data
Size 101 kB (101448 bytes)
Hash 45329a3a07ac35961863d2ad9aeafa84
26e699fbd20afea78ede0a13e361f23c6f25cb32
bfe3b3edc815cebc8dd384c3e21494ee7e51bddce450b5271d091f38262cf8a5
Analyzer Verdict Alert fortinet Phishing
GET /uploads/berita/berita_212310091049_lulusanotomotifjugabisamenjadihotelier:kisahinspiratifadisaputra.jpeg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: image/jpeg
last-modified: Sat, 23 Oct 2021 13:07:50 GMT
accept-ranges: bytes
content-length: 101448
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed
dhs.or.id/uploads/berita/berita_211510081044_JanaOky,suksesditerimadiMSCCruiseLinesebagaiAsstWaiter.jpeg
103.253.213.43200 OK 130 kB URL HTTP/1.1 dhs.or.id/uploads/berita/berita_211510081044_JanaOky,suksesditerimadiMSCCruiseLinesebagaiAsstWaiter.jpeg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1000x1334, components 3\012- data
Size 130 kB (130333 bytes)
Hash ddc85b12f92e2b7b5c63d0cccc3130d6
68f5894aa01b4590bdd1d182dd387cd7e4107083
a6ec9d0f35176d52f2d1820273687d4d78ea6d299d2aa49cea286a16423fe830
Analyzer Verdict Alert fortinet Phishing
GET /uploads/berita/berita_211510081044_JanaOky,suksesditerimadiMSCCruiseLinesebagaiAsstWaiter.jpeg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: image/jpeg
last-modified: Fri, 15 Oct 2021 00:44:44 GMT
accept-ranges: bytes
content-length: 130333
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708110812_AustraliaStudyVisit.jpg
103.253.213.43200 OK 489 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708110812_AustraliaStudyVisit.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 11:35:37], baseline, precision 8, 1000x667, components 3\012- data
Size 489 kB (489365 bytes)
Hash 4c4d3ff856444cf0ca0a5eb6b1b5366c
2611023b01b56711d4461e84b4207ed8cc0335cb
a17c199b26da8d3c415434b98857f92933fff450d1540a7df6cc1f50d2300b8e
GET /uploads/program/program_202708110812_AustraliaStudyVisit.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 03:37:12 GMT
accept-ranges: bytes
content-length: 489365
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708120839_AusbildungJerman.jpg
103.253.213.43200 OK 486 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708120839_AusbildungJerman.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 12:54:08], baseline, precision 8, 1000x667, components 3\012- data
Size 486 kB (486346 bytes)
Hash 165d176936372323e8c82021e6d2bf8c
feb3394a2f70f4fbdaf60701da2e46f7c36ec6fe
bc5370e31f21989450755b22be4a2623d6e9e1280d3fa12aad86b502c5ff39fe
GET /uploads/program/program_202708120839_AusbildungJerman.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 04:55:39 GMT
accept-ranges: bytes
content-length: 486346
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708120842_SingapuraStudyVisit.jpg
103.253.213.43200 OK 478 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708120842_SingapuraStudyVisit.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 12:09:26], baseline, precision 8, 1000x667, components 3\012- data
Size 478 kB (477516 bytes)
Hash 9da77ee921ea91483f1027ced9202599
020bf059e0173bd84afd4601b834b697847b61c4
50adf46eb42755549b89bb7d0808caecc81a8ce05a6c5d3d59d62c5e2dafdc91
GET /uploads/program/program_202708120842_SingapuraStudyVisit.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 04:54:42 GMT
accept-ranges: bytes
content-length: 477516
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed
dhs.or.id/uploads/berita/berita_212611051140_DHSluncurkanBRATACLASSuntukMilenialsGenZGenUntukBersaingdiEraGlobalisasi.png
103.253.213.43200 OK 1.8 MB URL HTTP/1.1 dhs.or.id/uploads/berita/berita_212611051140_DHSluncurkanBRATACLASSuntukMilenialsGenZGenUntukBersaingdiEraGlobalisasi.png
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced\012- data
Size 1.8 MB (1757391 bytes)
Hash f6ca5d7fe8ed8394c0c585abe700a061
ea1ad3d03da13fdc8d837fbb0f56d6a580d9e3cf
e2a830f86d32d26400c1b9ad522bd13d3021d2fbaa15a710774737c7f5b8e814
GET /uploads/berita/berita_212611051140_DHSluncurkanBRATACLASSuntukMilenialsGenZGenUntukBersaingdiEraGlobalisasi.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: image/png
last-modified: Fri, 26 Nov 2021 09:04:41 GMT
accept-ranges: bytes
content-length: 1757391
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708120804_AustraliaShortCourse.jpg
103.253.213.43200 OK 639 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708120804_AustraliaShortCourse.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 12:28:24 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-0, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset -0.000000, slope 46.000000], baseline, precision 8, 1000x667, components 3\012- data
Size 639 kB (638992 bytes)
Hash 960969ae517caaaf10fbea3667fbfe77
fe7766f68e401e1bc572e30ef5385d681df11e05
736c8720cc30c477aabc1ddbc20de8dff07e32f924dd0d2b4227418330f37076
GET /uploads/program/program_202708120804_AustraliaShortCourse.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 04:55:04 GMT
accept-ranges: bytes
content-length: 638992
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708120820_THSAustralia.jpg
103.253.213.43200 OK 458 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708120820_THSAustralia.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 12:07:23], baseline, precision 8, 1000x667, components 3\012- data
Size 458 kB (457904 bytes)
Hash 8666d073d3988b3c013a58f65232d237
09a6903f9d65d78f4aac228e166ffcb8e090ec56
8d3eb6dd88c2a60acc216e86d37beb4063e44e60218e53d6b38babbb1391277f
GET /uploads/program/program_202708120820_THSAustralia.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 04:55:20 GMT
accept-ranges: bytes
content-length: 457904
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708010823_Perhotelan.jpg
103.253.213.43200 OK 528 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708010823_Perhotelan.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:23:54], baseline, precision 8, 1000x667, components 3\012- data
Size 528 kB (527764 bytes)
Hash 8d83dff10d05cabe7eb986dd37f468e4
99ef4e8d19fea081d255331fa513f446cbc8a0b9
0fd20b513cf35ceba4b9ae2615b61a229ae57e72d44b0e8e00e6d59db4b05491
GET /uploads/program/program_202708010823_Perhotelan.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:35:23 GMT
accept-ranges: bytes
content-length: 527764
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708010808_Bartender.jpg
103.253.213.43200 OK 648 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708010808_Bartender.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:26:44], baseline, precision 8, 1000x667, components 3\012- data
Size 648 kB (648267 bytes)
Hash 31eb7f31585683d11825e7309d3a26d9
cbfb4f913eead734a5badacfa46c77712441862f
6105c9a8211d21fdd1ecaf7368fad8c5c00c63a28eea1488fed3f28cbe6e739c
GET /uploads/program/program_202708010808_Bartender.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:32:08 GMT
accept-ranges: bytes
content-length: 648267
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708010811_CulinaryArt.jpg
103.253.213.43200 OK 627 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708010811_CulinaryArt.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:23:08], baseline, precision 8, 1000x667, components 3\012- data
Size 627 kB (626830 bytes)
Hash 50e2d8f3903013bad9cb1973533edd41
3945083452bc6aec93098634ce31f9097f93b3ac
6735028e568fc21a7383a9be8fb698d010f8e63cd5bb1b200787dc2a8a820a4b
GET /uploads/program/program_202708010811_CulinaryArt.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:35:11 GMT
accept-ranges: bytes
content-length: 626830
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708010823_Housekeeping.jpg
103.253.213.43200 OK 545 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708010823_Housekeeping.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:27:22 DIY-Thermocam raw data\012- (Lepton 2.x), scale 885-29292, spot sensor temperature 3715504275456.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 1186825144474799235106078720.000000], baseline, precision 8, 1000x667, components 3\012- data
Size 545 kB (545218 bytes)
Hash e777c6df17df88c6e65ba3847021fbc7
46c3c3de9d1c400389b7fcbaea8a06d215df3c0c
748673e785bcc156031ec9bda69554aa1f02a4448caaaf859945acd28d4766ab
GET /uploads/program/program_202708010823_Housekeeping.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:32:23 GMT
accept-ranges: bytes
content-length: 545218
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708010807_FrontOffice.jpg
103.253.213.43200 OK 472 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708010807_FrontOffice.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:31:15], baseline, precision 8, 1000x667, components 3\012- data
Size 472 kB (472183 bytes)
Hash f0b205442b6c4c046d716668f8d6b961
95ea323cd0f9e18b2b1a90ba3daedb78aeb4b1eb
4315438c794928bbc4af5cebe446d6f90e02b65bb82601c83252d826881bf35a
GET /uploads/program/program_202708010807_FrontOffice.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:33:07 GMT
accept-ranges: bytes
content-length: 472183
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708010837_FBService.jpg
103.253.213.43200 OK 548 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708010837_FBService.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:28:18], baseline, precision 8, 1000x667, components 3\012- data
Size 548 kB (547782 bytes)
Hash 82902036899edc59feeea5b9b1d84b63
c5d2df54b843ebd2c73fc9e404da46f5d93a71b9
e15daf326634fa7d2ab91e18929d91ed2fa0b12702685990b70f1417a08d9a7b
GET /uploads/program/program_202708010837_FBService.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:32:37 GMT
accept-ranges: bytes
content-length: 547782
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708010850_CulinaryArt.jpg
103.253.213.43200 OK 520 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708010850_CulinaryArt.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:25:21], baseline, precision 8, 1000x667, components 3\012- data
Size 520 kB (519698 bytes)
Hash 941b027165e5dfcc7976a1d448c0e345
51e7ecd1a8332d044687ff180d30bde2a202e404
8f8bc622e9760eaf9ffa0ce70ac4bfdccb70dde686b91f546d9ec759fcace86c
GET /uploads/program/program_202708010850_CulinaryArt.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:32:50 GMT
accept-ranges: bytes
content-length: 519698
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_210701110126_DHSSERVEHUMANITY.jpeg
103.253.213.43200 OK 173 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_210701110126_DHSSERVEHUMANITY.jpeg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1000x1000, components 3\012- data
Size 173 kB (173401 bytes)
Hash cd9e7c598045d5e7d832b099e65988fd
af250be046a0b4b81b135e95a27a57585e13eac6
4a69c6c774198bca2b2ce7f173143b45713adbdfc0be0e6f5e6daa186b92809f
Analyzer Verdict Alert fortinet Phishing
GET /uploads/program/program_210701110126_DHSSERVEHUMANITY.jpeg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 07 Jan 2021 03:45:26 GMT
accept-ranges: bytes
content-length: 173401
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/logo_192509100957_.png
103.253.213.43200 OK 21 kB URL HTTP/1.1 dhs.or.id/uploads/logo_192509100957_.png
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type PNG image data, 221 x 186, 8-bit/color RGBA, non-interlaced\012- data
Hash f7879aa7406038be98a17634403562ae
2f2167f91757bccd0144a85fb1ed75bbd34bb1ee
113400779caf68a239c8dd2ca9d2e13e54ba3e35caf84f6610dde24f2fcc014b
GET /uploads/logo_192509100957_.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/png
last-modified: Wed, 25 Sep 2019 02:09:57 GMT
accept-ranges: bytes
content-length: 20818
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/indonesian.png
103.253.213.43200 OK 774 B URL HTTP/1.1 dhs.or.id/uploads/indonesian.png
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 42cf93dd015a8b26d01131cfec41e5ef
2809d8cec72607868f82785d6a3f72d975fcc8aa
e209f73b639cf332ee95345ef0725673ea1a2dbea1165530a1754fb2cf9881b3
GET /uploads/indonesian.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/png
last-modified: Mon, 07 Oct 2019 09:02:00 GMT
accept-ranges: bytes
content-length: 774
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/slider/slider_201401010157_SelamatdatangdiDHS.jpg
103.253.213.43200 OK 532 kB URL HTTP/1.1 dhs.or.id/uploads/slider/slider_201401010157_SelamatdatangdiDHS.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=640, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1600], baseline, precision 8, 1600x640, components 3\012- data
Size 532 kB (532261 bytes)
Hash d1498b1ad7bc045aa7a18cbcf9a1247c
3be750bf45a0a8545da921cdcb4fac8da6d38263
3ab867c54b1e2492d2e47568f1c85f19131e7b9602af77fe451acab90debcd89
GET /uploads/slider/slider_201401010157_SelamatdatangdiDHS.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Tue, 14 Jan 2020 05:45:57 GMT
accept-ranges: bytes
content-length: 532261
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/dhs_klungkung.png
103.253.213.43200 OK 143 kB URL HTTP/1.1 dhs.or.id/uploads/dhs_klungkung.png
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type PNG image data, 1312 x 474, 8-bit/color RGBA, non-interlaced\012- data
Size 143 kB (143196 bytes)
Hash 180cb4501aaf422ba7e1769128cb6304
164949b563b74c13f0ff8f6d66f0ee0392ad71e4
11abb34f1d1f40c2c9a2c0f411a1198f3b0c75023eb7c2c4e6d8843dc9cd39a1
GET /uploads/dhs_klungkung.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/png
last-modified: Wed, 22 Jan 2020 07:14:52 GMT
accept-ranges: bytes
content-length: 143196
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/header_190310041035_.png
103.253.213.43200 OK 12 kB URL HTTP/1.1 dhs.or.id/uploads/header_190310041035_.png
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type PNG image data, 214 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 3ec37168d74d72b49e303aa17d977111
8d4986e3c3ef670e96c015d2ac1a5905c1c18e8d
ab83d943106fbe50f4ead0699656763375d610854a0ea74558056edb0d34e94c
GET /uploads/header_190310041035_.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/png
last-modified: Thu, 03 Oct 2019 08:49:35 GMT
accept-ranges: bytes
content-length: 12116
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_202708120854_TAFEAustralia.jpg
103.253.213.43200 OK 443 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_202708120854_TAFEAustralia.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 12:50:43], baseline, precision 8, 1000x667, components 3\012- data
Size 443 kB (442969 bytes)
Hash 534e5006753e176874241b1890bb8861
fa42ad5a6e9106e8bef471141c5d86ce736834a7
e7a635fa66ca2a345953c6e2e3a3780329a7eab2e2a5f156e82459d886de4ad3
GET /uploads/program/program_202708120854_TAFEAustralia.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 04:55:54 GMT
accept-ranges: bytes
content-length: 442969
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/carrer/icon_190210121020_ProgramPelatihanKerja.png
103.253.213.43200 OK 2.0 kB URL HTTP/1.1 dhs.or.id/uploads/carrer/icon_190210121020_ProgramPelatihanKerja.png
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 475ab2538aa4be05a6f0367fd38d2c06
2a5f59cc18e5a6a69b85550cee8f18b150f63e82
f69e1c4dcfe176e89272e14353942be1695f078a58c18b256581b8d11384822f
GET /uploads/carrer/icon_190210121020_ProgramPelatihanKerja.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/png
last-modified: Wed, 02 Oct 2019 04:08:20 GMT
accept-ranges: bytes
content-length: 2031
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/carrer/icon_190210121054_HubunganIndustri.png
103.253.213.43200 OK 1.6 kB URL HTTP/1.1 dhs.or.id/uploads/carrer/icon_190210121054_HubunganIndustri.png
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 81cf350430da17286712ef379f8e65a8
8e2491245a08d3f1e7a761ff93cee65451340ce4
74bc8f161b164bc45a4f3341136b1782aa6caebf07e62e4578df7eea75a18090
GET /uploads/carrer/icon_190210121054_HubunganIndustri.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/png
last-modified: Wed, 02 Oct 2019 04:12:54 GMT
accept-ranges: bytes
content-length: 1648
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed
dhs.or.id/uploads/carrer/icon_190210121005_KonsultanKarirPendidikan.png
103.253.213.43200 OK 1.3 kB URL HTTP/1.1 dhs.or.id/uploads/carrer/icon_190210121005_KonsultanKarirPendidikan.png
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash c8b885d9cbeaeaf0de16649bc811124b
18940985557611bc0da55911d1f55beb020ccedb
c68c2a94317725c6a42ca3aebe5f08adfd7e4fa0888503c6d3e57a7bbdb98a5d
GET /uploads/carrer/icon_190210121005_KonsultanKarirPendidikan.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/png
last-modified: Wed, 02 Oct 2019 04:13:05 GMT
accept-ranges: bytes
content-length: 1310
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed
dhs.or.id/uploads/carrer/icon_190210121014_ForumBisnisPerhotelanKapalPersian.png
103.253.213.43200 OK 2.3 kB URL HTTP/1.1 dhs.or.id/uploads/carrer/icon_190210121014_ForumBisnisPerhotelanKapalPersian.png
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ca97ac3a63e5611798ad0285f591b19
ab0f74bd14758f79c81c9a76105b7f3f48e815d1
9796e8654dffec494c633f8996f3d3793a3614a569270db4eefc428cf928a986
GET /uploads/carrer/icon_190210121014_ForumBisnisPerhotelanKapalPersian.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/png
last-modified: Wed, 02 Oct 2019 04:13:14 GMT
accept-ranges: bytes
content-length: 2340
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed
dhs.or.id/uploads/bg_career.jpg
103.253.213.43200 OK 162 kB URL HTTP/1.1 dhs.or.id/uploads/bg_career.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1600x631, components 3\012- data
Size 162 kB (161716 bytes)
Hash 270b75a9797625ad8372fff704f47f16
abd4e9f19d4fe23a67c8165797b10c8ba1724ad0
344a1f72006835be9034cef3feef7cbac62c4cdc4583c4aaf5460260ed179e65
GET /uploads/bg_career.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Thu, 03 Oct 2019 04:09:13 GMT
accept-ranges: bytes
content-length: 161716
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed
dhs.or.id/uploads/program/program_210912011223_LAUNCHINGBRATACLASS.png
103.253.213.43200 OK 822 kB URL HTTP/1.1 dhs.or.id/uploads/program/program_210912011223_LAUNCHINGBRATACLASS.png
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type PNG image data, 1000 x 993, 8-bit/color RGBA, non-interlaced\012- data
Size 822 kB (822222 bytes)
Hash 3f81c49cf155b092c1243a125993a238
2886ee272d1108ce44c0c80272fd934362a83932
5951160f793bd4fae51db70888a0e24a981521ed6dd170d1fa39168cda411703
GET /uploads/program/program_210912011223_LAUNCHINGBRATACLASS.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/png
last-modified: Thu, 09 Dec 2021 05:01:24 GMT
accept-ranges: bytes
content-length: 822222
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed
dhs.or.id/uploads/testimoni/testimoni_191510021056_SatrioRizkyNurahmaji.jpg
103.253.213.43200 OK 68 kB URL HTTP/1.1 dhs.or.id/uploads/testimoni/testimoni_191510021056_SatrioRizkyNurahmaji.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1000x667, components 3\012- data
Hash 884460721551969af717895b01f54342
81eab2d568edbf73a718729b1a68000cd709e9ef
ca155c5775d1d80975ef7e3179d62898bfae4edc320016980c3fb94805d43cfd
GET /uploads/testimoni/testimoni_191510021056_SatrioRizkyNurahmaji.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Tue, 15 Oct 2019 06:53:56 GMT
accept-ranges: bytes
content-length: 68037
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed
dhs.or.id/uploads/testimoni/testimoni_191410041014_PandeMadeAndikaSuprayana.jpg
103.253.213.43200 OK 26 kB URL HTTP/1.1 dhs.or.id/uploads/testimoni/testimoni_191410041014_PandeMadeAndikaSuprayana.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash b6f233074056c0689265d7ef61e36959
401dbd9a36f14a3c50dbc2a245e15a1c386517e4
99f1cd5080cb9b91ad7582b8447d1eda2de64e9c4b397071be49fd642bb91cf1
GET /uploads/testimoni/testimoni_191410041014_PandeMadeAndikaSuprayana.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Tue, 15 Oct 2019 04:16:17 GMT
accept-ranges: bytes
content-length: 25744
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed
dhs.or.id/uploads/testimoni/testimoni_191410041008_NiMadeMeidyAniPrastiwi.jpg
103.253.213.43200 OK 55 kB URL HTTP/1.1 dhs.or.id/uploads/testimoni/testimoni_191410041008_NiMadeMeidyAniPrastiwi.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1000x1000, components 3\012- data
Hash 31bf8e0f339f66dd1e4a6cbc3ecc7888
fb70521a9d5d43d36189d3b0708e8a5bc1c51dfd
d80c403660020854763cff456826d89208a3f26e8d8a00aa77443d1a7720afac
GET /uploads/testimoni/testimoni_191410041008_NiMadeMeidyAniPrastiwi.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Mon, 14 Oct 2019 08:30:08 GMT
accept-ranges: bytes
content-length: 54620
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed
dhs.or.id/uploads/English.png
103.253.213.43200 OK 707 B URL HTTP/1.1 dhs.or.id/uploads/English.png
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash e4896565595fc22e344fd619c0ed15bb
43d4481a4cc3e60b406b2467b5f7e576fcbae260
c3a4cb8f32ef0cd89e6429d40d1faebd359e02e34d69764052c8402a391e9a00
GET /uploads/English.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/png
last-modified: Mon, 07 Oct 2019 09:02:00 GMT
accept-ranges: bytes
content-length: 707
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed
dhs.or.id/uploads/slider/slider_201401010116_StartYourCareer.jpg
103.253.213.43200 OK 914 kB URL HTTP/1.1 dhs.or.id/uploads/slider/slider_201401010116_StartYourCareer.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=640, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1600], baseline, precision 8, 1600x640, components 3\012- data
Size 914 kB (913922 bytes)
Hash 26c7cfcd0d029113d835152ee348e3c0
2291448965a8848626a7cfc3209cd5a0239cf360
6a857fb2611d6fd7375a12c1281a2cd7b5f135b2f2a937352faf383ed2af0bcb
GET /uploads/slider/slider_201401010116_StartYourCareer.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Tue, 14 Jan 2020 05:37:16 GMT
accept-ranges: bytes
content-length: 913922
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed
dhs.or.id/uploads/slider/slider_190310041006_StartYourCareer.jpg
103.253.213.43200 OK 392 kB URL HTTP/1.1 dhs.or.id/uploads/slider/slider_190310041006_StartYourCareer.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1600x640, components 3\012- data
Size 392 kB (391606 bytes)
Hash e3aebb63fe00e0eaaa0d0d04b0550f44
3a1c561dd7d81b1ef9dc1fc4ba795aedc8867349
a261cbd11b2ed3d7d7d98e553041447152984d7a103aa368004a2b1b2ec37ef4
GET /uploads/slider/slider_190310041006_StartYourCareer.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Thu, 03 Oct 2019 08:17:06 GMT
accept-ranges: bytes
content-length: 391606
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed
dhs.or.id/uploads/slider/slider_192509110933_GapaiKarirCemerlangdiIndustriHospitality.jpg
103.253.213.43200 OK 526 kB URL HTTP/1.1 dhs.or.id/uploads/slider/slider_192509110933_GapaiKarirCemerlangdiIndustriHospitality.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1600x640, components 3\012- data
Size 526 kB (526526 bytes)
Hash a51a5dcb12a33d66103ed6d7003fdd5e
67287353979d2b68a91883bcc407193357594f45
1ad0bfdbf2e6dd14aa911c178ec3528c4ebe0910d40e313ab6cf9c22daa901bd
GET /uploads/slider/slider_192509110933_GapaiKarirCemerlangdiIndustriHospitality.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Wed, 25 Sep 2019 03:21:33 GMT
accept-ranges: bytes
content-length: 526526
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed
dhs.or.id/uploads/slider/slider_201401010152_StartYourCareer.jpg
103.253.213.43200 OK 964 kB URL HTTP/1.1 dhs.or.id/uploads/slider/slider_201401010152_StartYourCareer.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=640, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1600], baseline, precision 8, 1600x640, components 3\012- data
Size 964 kB (964233 bytes)
Hash 23faaa850dbd0b2af99f6238303a5778
18f663d2b6dda7c7824b56f8b487fe0126b8154a
8bf756895e94a27d27750ba78e5ad21c37cd7e41cad8d3da92776f85669e67ec
GET /uploads/slider/slider_201401010152_StartYourCareer.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Tue, 14 Jan 2020 05:28:52 GMT
accept-ranges: bytes
content-length: 964233
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed
dhs.or.id/uploads/slider/slider_192509100958_SelamatDatangdiDHS.jpg
103.253.213.43200 OK 704 kB URL HTTP/1.1 dhs.or.id/uploads/slider/slider_192509100958_SelamatDatangdiDHS.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1600x640, components 3\012- data
Size 704 kB (703783 bytes)
Hash 2578146e5c7de8635c891efcf69941e8
080658d47a129439a72aaa2e2a39cfb6a8ea7ad2
ff63e6420cd2a72bc3251bda9f01280aeaee63c85cd63da7a54915e2d161dfb3
GET /uploads/slider/slider_192509100958_SelamatDatangdiDHS.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Wed, 25 Sep 2019 02:13:58 GMT
accept-ranges: bytes
content-length: 703783
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed
dhs.or.id//public/images/icon.png
103.253.213.43200 OK 10 kB URL HTTP/1.1 dhs.or.id//public/images/icon.png
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 3ce91d10102c5792a48b5f21680f9b16
506d21e041a9ea398ef8d6da7f13600de8eabd79
cd03c38326e09214eb7477126f8be4b86bc941e4fb5e1307afcab523dc6a0623
GET //public/images/icon.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/png
last-modified: Tue, 24 Sep 2019 07:39:56 GMT
accept-ranges: bytes
content-length: 10094
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed
dhs.or.id/uploads/slider/slider_201401010127_StartYourCareer.jpg
103.253.213.43200 OK 695 kB URL HTTP/1.1 dhs.or.id/uploads/slider/slider_201401010127_StartYourCareer.jpg
IP 103.253.213.43:0
ASN #58487 Rumahweb Indonesia CV.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=640, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1600], baseline, precision 8, 1600x640, components 3\012- data
Size 695 kB (695000 bytes)
Hash 60577e5a5bd28a985a376c531e57767b
b4cced7f492c8d2fa170380d77206b28ebd14e08
ad112cc9915f91019462c34f8f465e8b1e805887e1c51892d0f0a8598f8fb0ed
GET /uploads/slider/slider_201401010127_StartYourCareer.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Tue, 14 Jan 2020 05:32:27 GMT
accept-ranges: bytes
content-length: 695000
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6f51d1339a69144672058890b98c8729
82a41bc760d94fc1a40679ce12ce9f194d5f0e0d
92653a165cbe4ef88ace4c53cedf6db8004f7ba656c2f84f9e94caead68cd3a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1628
Cache-Control: max-age=132296
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:59 GMT
Etag: "63e0216f-1d7"
Expires: Tue, 07 Feb 2023 22:03:55 GMT
Last-Modified: Sun, 05 Feb 2023 21:36:47 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6f51d1339a69144672058890b98c8729
82a41bc760d94fc1a40679ce12ce9f194d5f0e0d
92653a165cbe4ef88ace4c53cedf6db8004f7ba656c2f84f9e94caead68cd3a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1628
Cache-Control: max-age=132296
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:59 GMT
Etag: "63e0216f-1d7"
Expires: Tue, 07 Feb 2023 22:03:55 GMT
Last-Modified: Sun, 05 Feb 2023 21:36:47 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www.instagram.com/denpasarhotelschool
31.13.72.174301 Moved Permanently 0 B URL HTTP/2 www.instagram.com/denpasarhotelschool
IP 31.13.72.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /denpasarhotelschool HTTP/1.1
Host: www.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dhs.or.id
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://www.instagram.com/denpasarhotelschool/
strict-transport-security: max-age=15552000
content-type: text/html; charset="utf-8"
x-fb-debug: +E5tqawbZKatIRsxtk+Ev05tKfb6FqDwXaVo8RC/ZHUNmA5Xku3hmPtVpW7IGwu2aYTfpMqJeEGoiOeg8TdVOw==
content-length: 0
date: Mon, 06 Feb 2023 09:18:59 GMT
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.instagram.com/denpasarhotelschool
31.13.72.174301 Moved Permanently 0 B URL HTTP/2 www.instagram.com/denpasarhotelschool
IP 31.13.72.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /denpasarhotelschool HTTP/1.1
Host: www.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dhs.or.id
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://www.instagram.com/denpasarhotelschool/
strict-transport-security: max-age=15552000
content-type: text/html; charset="utf-8"
x-fb-debug: GKwwaYYN8uwr9h15CceJzou/FrMb1L9Iym4QglZZ14IasUhQ9D9eCxHw3m/gj6FDiR4SfDFtLDec2cz9sVkjzw==
content-length: 0
date: Mon, 06 Feb 2023 09:18:59 GMT
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6f51d1339a69144672058890b98c8729
82a41bc760d94fc1a40679ce12ce9f194d5f0e0d
92653a165cbe4ef88ace4c53cedf6db8004f7ba656c2f84f9e94caead68cd3a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1628
Cache-Control: max-age=132296
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:59 GMT
Etag: "63e0216f-1d7"
Expires: Tue, 07 Feb 2023 22:03:55 GMT
Last-Modified: Sun, 05 Feb 2023 21:36:47 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
snapwidget.com/js/snapwidget.js
172.67.75.33200 OK 0 B URL HTTP/2 snapwidget.com/js/snapwidget.js
IP 172.67.75.33:0
GET /js/snapwidget.js HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 09:18:53 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
etag: W/"63c698d9-560f"
last-modified: Tue, 17 Jan 2023 12:47:21 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1715122
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7H5trHIGC6iN%2BHkXdkxCM4fo4gHwvFvlJVu5HDZlJCIczShQYuZ1kCTH5uALxLoPd%2BPr%2B7qtdL2zVwQmGJPfFVpqKCHQgrCFo%2FvLmkP86kAUJvYWmMR%2FcduAvOVaNuY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 7952cd0ebb4a0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.74:0
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 09:18:53 GMT
date: Mon, 06 Feb 2023 09:18:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2